| reddi007 | 19.02.2011 17:37 |
Hier der OTL Scan: Hoffe alles richtig gemacht.
OTL Logfile: Code:
OTL logfile created on: 19.02.2011 16:45:47 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = D:\rootkitscan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 22,48 Gb Free Space | 46,04% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 1,41 Gb Free Space | 2,89% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 76,01 Gb Free Space | 77,83% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 75,98 Gb Free Space | 77,81% Space Free | Partition Type: NTFS
Drive G: | 172,80 Gb Total Space | 96,92 Gb Free Space | 56,09% Space Free | Partition Type: NTFS
Computer Name: WOWA | User Name: WoWa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\rootkitscan\OTL.exe (OldTimer Tools)
PRC - D:\rootkitscan\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - D:\Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\mcafee\Mcshield.exe (McAfee, Inc.)
PRC - D:\mcafee\shstat.exe (McAfee, Inc.)
PRC - C:\WINXP\system32\mfevtps.exe (McAfee, Inc.)
PRC - D:\mcafee\VsTskMgr.exe (McAfee, Inc.)
PRC - D:\mcafee\mfeann.exe (McAfee, Inc.)
PRC - D:\mcafee\EngineServer.exe (McAfee, Inc.)
PRC - D:\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - D:\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\WINXP\explorer.exe (Microsoft Corporation)
PRC - D:\nopopup\NoPopUp 2003\nopopup.exe (NEXT-Soft)
========== Modules (SafeList) ==========
MOD - D:\rootkitscan\OTL.exe (OldTimer Tools)
MOD - C:\WINXP\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (ZFL) -- File not found
SRV - (UUMWPETNL) -- File not found
SRV - (HidServ) -- File not found
SRV - (Ati HotKey Poller) -- File not found
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Lavasoft Ad-Aware Service) -- D:\adaware\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (TuneUp.Defrag) -- D:\Tuneup\TuneUpDefragService.exe (TuneUp Software)
SRV - (dgdersvc) -- C:\WINXP\system32\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (FsUsbExService) -- C:\WINXP\system32\FsUsbExService.Exe (Teruten)
SRV - (TuneUp.UtilitiesSvc) -- D:\Tuneup\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINXP\system32\uxtuneup.dll (TuneUp Software)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TVersityMediaServer) -- D:\ps3zupc\Media Server\MediaServer.exe ()
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (McShield) -- D:\mcafee\Mcshield.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\WINXP\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McTaskManager) -- D:\mcafee\VsTskMgr.exe (McAfee, Inc.)
SRV - (McAfeeEngineService) -- D:\mcafee\EngineServer.exe (McAfee, Inc.)
SRV - (McAfeeFramework) -- D:\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (AntiVirService) -- D:\Antivir\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- D:\Antivir\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (AAV UpdateService) -- D:\Steuer-Sparer.2010.German-RESTORE\install\AAVUpdateManager\aavus.exe ()
SRV - (btwdins) -- D:\bluetooth\bin\btwdins.exe (Broadcom Corporation.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SBRE) -- C:\WINXP\system32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (MBAMSwissArmy) -- C:\WINXP\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (sbapifs) -- C:\WINXP\system32\drivers\sbapifs.sys (Sunbelt Software)
DRV - (sbaphd) -- C:\WINXP\system32\drivers\sbaphd.sys (Sunbelt Software)
DRV - (Lbd) -- C:\WINXP\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- D:\adaware\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINXP\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (dgderdrv) -- C:\WINXP\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (FsUsbExDisk) -- C:\WINXP\system32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\WINXP\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\WINXP\system32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\WINXP\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\WINXP\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (AR5416) -- C:\WINXP\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (nmwcdc) -- C:\WINXP\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINXP\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINXP\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINXP\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (TuneUpUtilitiesDrv) -- D:\Tuneup\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (avgntflt) -- C:\WINXP\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Monfilt) -- C:\WINXP\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINXP\system32\drivers\Ambfilt.sys (Creative)
DRV - (mfehidk) -- C:\WINXP\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINXP\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINXP\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINXP\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\WINXP\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINXP\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (NSHE) -- C:\WINXP\system32\drivers\NSHE.SYS (T0r0)
DRV - (ssmdrv) -- C:\WINXP\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avmaura) -- C:\WINXP\system32\drivers\avmaura.sys (AVM Berlin)
DRV - (avipbb) -- C:\WINXP\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (RTL8023xp) -- C:\WINXP\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (ati2mtag) -- C:\WINXP\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (avgio) -- D:\Antivir\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (kbfiltr) -- C:\WINXP\system32\drivers\kbfiltr.sys ( )
DRV - (HDAudBus) -- C:\WINXP\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (hwdatacard) -- C:\WINXP\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (SynTP) -- C:\WINXP\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (amdide) -- C:\WINXP\system32\DRIVERS\amdide.sys (Advanced Micro Devices)
DRV - (AR5211) -- C:\WINXP\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (Ktp) -- C:\WINXP\system32\drivers\Ktp.sys (ELANTECH Devices Corp.)
DRV - (Cam5603D) -- C:\WINXP\system32\drivers\BisonCam.sys (Bison Electronics. Inc. )
DRV - (HSF_DPV) -- C:\WINXP\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINXP\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINXP\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (tvicport) -- C:\WINXP\system32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (zntport) -- C:\WINXP\system32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (int15) -- C:\WINXP\system32\drivers\int15.sys ()
DRV - (ESDCR) -- C:\WINXP\system32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (ESMCR) -- C:\WINXP\system32\drivers\ESM7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\WINXP\system32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (rockusb) -- C:\WINXP\system32\drivers\rockusb.sys (Fuzhou Rockchip Electronics Co,Ltd.)
DRV - (FTSER2K) -- C:\WINXP\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINXP\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (BTKRNL) -- C:\WINXP\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINXP\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINXP\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTSLBCSP) -- C:\WINXP\system32\drivers\btslbcsp.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINXP\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINXP\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINXP\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINXP\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (SMCIRDA) -- C:\WINXP\system32\drivers\smcirda.sys (SMSC)
DRV - (BrScnUsb) -- C:\WINXP\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (eusk2par) -- C:\WINXP\system32\drivers\eusk2par.sys (EUTRON)
DRV - (PQNTDrv) -- C:\WINXP\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (SCM_DVB) -- C:\WINXP\system32\drivers\alphac.sys (Windows (R) 2000 DDK provider)
DRV - (vcdrom) -- D:\virtualcd\VCdRom.sys (Microsoft Corporation)
DRV - (HCF_MSFT) -- C:\WINXP\system32\drivers\HCF_MSFT.sys ()
DRV - (irsir) -- C:\WINXP\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.t-online.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}:5.0.14
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.67
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: D:\NokiaSuite\Nokia PC Suite 7\bkmrksync\ [2010.08.05 14:50:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.12.03 18:16:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: D:\Firefox\components [2010.11.30 17:33:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: D:\Firefox\plugins [2011.02.16 16:42:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.12.03 18:16:08 | 000,000,000 | ---D | M]
[2008.12.19 19:18:11 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Extensions
[2011.02.16 20:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions
[2011.02.03 18:45:21 | 000,000,000 | ---D | M] (Flagfox) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.09.04 07:05:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.24 17:19:08 | 000,000,000 | ---D | M] ("DHL Packstation Bestellhelfer") -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{b8cbd8e0-e642-11dd-ba2f-0800200c9a66}
[2011.02.03 18:45:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.02.03 18:45:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.10.09 18:13:04 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.05.29 00:58:38 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011.02.16 20:03:20 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.08.21 20:28:19 | 000,000,000 | ---D | M] (AnyColor) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\anycolor.pavlos256@gmail.com
[2009.11.10 19:42:37 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\firefox@tvunetworks.com
[2010.09.29 20:58:20 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\foxmarks@kei.com
[2009.12.31 18:43:32 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\moveplayer@movenetworks.com
[2010.06.19 20:33:35 | 000,000,000 | ---D | M] (Cooliris) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\piclens@cooliris.com
[2010.06.19 20:33:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\piclens@cooliris.com-trash
[2010.03.14 10:09:07 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.04.07 15:49:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINXP\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2008.12.23 13:38:08 | 000,000,000 | ---D | M] (Java Console) -- D:\FIREFOX\EXTENSIONS\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}
[2010.03.14 10:09:18 | 000,000,000 | ---D | M] (Java Console) -- D:\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
O1 HOSTS File: ([2010.04.03 13:59:18 | 000,000,867 | RHS- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\mcafee\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - D:\Translator\babylon\instal\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (PROMT) - {892E81F6-EC63-4d13-8422-835A7A05D6EB} - D:\Translator\install\PRMTIE\prmtie.dll (PROMT Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003..\Run: [ccleaner] D:\ccleaner\ccleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003..\Run: [NoPopUp] D:\nopopup\NoPopUp 2003\nopopup.exe (NEXT-Soft)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\rootkitscan\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\DSL-Manager.lnk = File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = D:\bluetooth\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\DSL-Manager.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8 - Extra context menu item: Eintrag öffnen - D:\Translator\install\PRMTIE\addentry.HTM ()
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Internet-Suche - D:\Translator\install\PRMTIE\search.HTM ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\office 2003\instal\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite übersetzen - D:\Translator\install\PRMTIE\page.HTM ()
O8 - Extra context menu item: Senden an &Bluetooth - D:\bluetooth\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Themenvorlage automatisch bestimmen - D:\Translator\install\PRMTIE\aot.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - D:\Translator\babylon\instal\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - D:\Translator\babylon\instal\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Übersetzen - D:\Translator\install\PRMTIE\translat.HTM ()
O8 - Extra context menu item: Übersetzungsoptionen anpassen - D:\Translator\install\PRMTIE\options.HTM ()
O8 - Extra context menu item: Unbekannte Wörter - D:\Translator\install\PRMTIE\infopanel.HTM ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Übersetzungsoptionen anpassen - {4034D172-4C52-49de-A6A1-E75F8F591FEC} - D:\Translator\install\PRMTIE\options.HTM ()
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\office 2003\instal\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Übersetzen - {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - D:\Translator\install\PRMTIE\Prmtie5.htm ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - D:\Translator\babylon\instal\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - D:\Translator\babylon\instal\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-1644491937-220523388-1801674531-1003\..Trusted Domains: zattoo.com ([www] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_14-windows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - *DISABLED*wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - *DISABLED*wlnotify.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - *DISABLED*WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - *DISABLED*wlnotify.dll - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\WoWa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\WoWa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008.12.19 16:45:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.01.14 15:30:48 | 000,012,379 | ---- | M] () - G:\autoscan.pdf -- [ NTFS ]
O33 - MountPoints2\{a37fe88c-bcd9-11de-bf20-0016cf3f62c9}\Shell\AutoRun\command - "" = I:\WDSetup.exe
O33 - MountPoints2\{f797f2fa-13ca-11df-bfb2-0016cf3f62c9}\Shell - "" = AutoRun
O33 - MountPoints2\{f797f2fa-13ca-11df-bfb2-0016cf3f62c9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f797f2fa-13ca-11df-bfb2-0016cf3f62c9}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINXP\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINXP\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "ose"
MsConfig - Services: "PLFlash DeviceIoControl Service"
MsConfig - Services: "NMIndexingService"
MsConfig - Services: "Nero BackItUp Scheduler 3"
MsConfig - Services: "ServiceLayer"
MsConfig - Services: "getPlus(R) Helper"
MsConfig - Services: "wuauserv"
MsConfig - Services: "FLEXnet Licensing Service"
MsConfig - Services: "TVersityMediaServer"
MsConfig - Services: "idsvc"
MsConfig - Services: "Bonjour Service"
MsConfig - Services: "AcerMemUsageCheckService"
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "AAV UpdateService"
MsConfig - Services: "JavaQuickStarterService"
MsConfig - Services: "AntiVirService"
MsConfig - Services: "AntiVirSchedulerService"
MsConfig - Services: "ATI Smart"
MsConfig - Services: "TuneUp.UtilitiesSvc"
MsConfig - Services: "TuneUp.Defrag"
MsConfig - Services: "Application Updater"
MsConfig - Services: "iPod Service"
MsConfig - Services: "Apple Mobile Device"
MsConfig - Services: "FsUsbExService"
MsConfig - Services: "dgdersvc"
MsConfig - Services: "ZFL"
MsConfig - Services: "UUMWPETNL"
MsConfig - Services: "Lavasoft Ad-Aware Service"
MsConfig - Services: "helpsvc"
MsConfig - StartUpReg: pcsafedoctor.exe - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - D:\adaware\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: McAfeeEngineService - D:\mcafee\EngineServer.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - D:\adaware\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINXP\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {4P135AJH-0U2N-G8H6-DNF1-S41L5OD827K0} - C:\WINXP\system32\install\drive.exe
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINXP\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {621FCD24-4498-4324-A81E-07D331376EDF} - C:\Programme\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINXP\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINXP\system32\Rundll32.exe C:\WINXP\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C1F93AF3-1105-A433-6741-AF5227541E2E} - IE7 Uninstall Stub
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINXP\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINXP\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINXP\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: ccc-core-static - msiexec /fums {35BDA760-4905-19AA-54A0-C118ABB5BF0C} /qb
Drivers32: msacm.iac2 - C:\WINXP\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINXP\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINXP\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINXP\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINXP\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINXP\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINXP\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINXP\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINXP\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINXP\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINXP\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINXP\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 30 Days ==========
[2011.02.19 16:02:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Malwarebytes
[2011.02.19 16:02:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2011.02.19 16:02:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.02.19 16:02:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.02.19 16:02:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2011.02.19 15:26:22 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\WoWa\Recent
[2011.02.17 22:37:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\WoWa\Startmenü\Programme\HiJackThis
[2011.02.17 22:06:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Security Task Manager
[2011.02.17 22:00:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2011.02.16 20:03:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\QuickScan
[2011.02.16 19:46:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\f-secure
[2011.02.16 19:45:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2011.02.16 18:53:42 | 000,069,976 | ---- | C] (Sunbelt Software) -- C:\WINXP\System32\drivers\sbapifs.sys
[2011.02.16 18:52:13 | 000,021,464 | ---- | C] (Sunbelt Software) -- C:\WINXP\System32\drivers\sbaphd.sys
[2011.02.16 18:48:12 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINXP\System32\drivers\Lbd.sys
[2011.02.16 18:47:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2011.02.16 18:47:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Lavasoft
[2011.02.16 17:53:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\WoWa\Lokale Einstellungen\Anwendungsdaten\Sunbelt Software
[2011.02.16 17:51:42 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINXP\System32\drivers\SBREDrv.sys
[2011.02.16 17:47:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
[2011.02.11 20:43:15 | 000,000,000 | ---D | C] -- G:\DVDVideoSoft
[2011.01.24 18:21:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Rosetta Stone
[2011.01.24 18:20:56 | 000,000,000 | ---D | C] -- C:\Programme\Rosetta Stone
[2011.01.24 18:20:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rosetta Stone
[2011.01.07 18:38:53 | 000,000,000 | ---D | C] -- G:\vagsachn
[2011.01.01 15:43:19 | 000,000,000 | RHSD | C] -- C:\WINXP\System32\install
[2010.12.29 13:00:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINXP\System32\GdiPlus.dll
[2010.12.29 13:00:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINXP\System32\msxml3a.dll
[2010.12.29 12:46:10 | 000,000,000 | ---D | C] -- G:\NeroVision
[2010.12.28 20:25:33 | 000,000,000 | ---D | C] -- G:\silvesterslideshow
[2010.12.16 19:52:17 | 000,000,000 | ---D | C] -- G:\Huk24 KFZ-Vers
[2010.12.06 22:29:43 | 000,000,000 | ---D | C] -- G:\Samsung
[2010.12.06 22:29:35 | 000,217,088 | ---- | C] (Teruten) -- C:\WINXP\System32\FsUsbExService.Exe
[2009.11.07 13:09:03 | 000,053,248 | ---- | C] ( ) -- C:\WINXP\System32\Interop.Shell32.dll
[2008.11.03 15:03:28 | 000,013,880 | ---- | C] ( ) -- C:\WINXP\System32\drivers\kbfiltr.sys
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
[1 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.02.19 16:23:11 | 000,000,069 | ---- | M] () -- C:\WINXP\NeroDigital.ini
[2011.02.19 16:02:40 | 000,000,649 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.19 15:31:02 | 000,000,538 | RHS- | M] () -- C:\boot.ini
[2011.02.19 15:26:47 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2011.02.19 15:25:52 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2011.02.17 22:48:43 | 000,002,323 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\HiJackThis.lnk
[2011.02.17 21:35:52 | 000,000,022 | ---- | M] () -- C:\WINXP\tpcsd
[2011.02.17 21:14:54 | 055,934,280 | ---- | M] () -- C:\WINXP\System32\GYGTPYUUJZTWODJ
[2011.02.16 20:25:31 | 2011,779,072 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.16 20:23:00 | 000,000,000 | ---- | M] () -- C:\WINXP\System32\LTODMHD
[2011.02.16 20:15:50 | 000,000,000 | ---- | M] () -- C:\WINXP\System32\JVTGVFXJDSNOUOT
[2011.02.16 17:58:41 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINXP\System32\drivers\SBREDrv.sys
[2011.02.16 16:51:28 | 000,049,664 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\Ein Lehrgang.doc
[2011.02.16 16:40:55 | 000,486,753 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\bb_TFW.pdf
[2011.01.25 21:19:54 | 001,429,776 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT
[2011.01.12 19:28:58 | 000,064,847 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\DRIFT ENERGIE für Privatkunden.pdf
[2010.12.29 12:46:55 | 000,060,416 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2010.12.06 22:35:47 | 000,193,664 | ---- | M] () -- G:\samsungkontakte.SPB
[2010.12.06 22:31:48 | 000,000,000 | -H-- | M] () -- C:\WINXP\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.12.06 22:24:26 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010.12.03 10:05:36 | 000,069,976 | ---- | M] (Sunbelt Software) -- C:\WINXP\System32\drivers\sbapifs.sys
[2010.12.03 10:05:36 | 000,021,464 | ---- | M] (Sunbelt Software) -- C:\WINXP\System32\drivers\sbaphd.sys
[2010.12.03 10:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINXP\System32\drivers\Lbd.sys
[2010.12.03 10:05:33 | 000,015,880 | ---- | M] () -- C:\WINXP\System32\lsdelete.exe
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
[1 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.02.19 16:02:40 | 000,000,649 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.17 22:37:05 | 000,002,323 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\HiJackThis.lnk
[2011.02.17 21:35:52 | 000,000,022 | ---- | C] () -- C:\WINXP\tpcsd
[2011.02.17 21:08:55 | 055,934,280 | ---- | C] () -- C:\WINXP\System32\GYGTPYUUJZTWODJ
[2011.02.16 20:23:00 | 000,000,000 | ---- | C] () -- C:\WINXP\System32\LTODMHD
[2011.02.16 20:15:50 | 000,000,000 | ---- | C] () -- C:\WINXP\System32\JVTGVFXJDSNOUOT
[2011.02.16 19:26:33 | 000,015,880 | ---- | C] () -- C:\WINXP\System32\lsdelete.exe
[2011.02.16 16:51:28 | 000,049,664 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\Ein Lehrgang.doc
[2011.02.16 16:40:55 | 000,486,753 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\bb_TFW.pdf
[2011.01.12 19:28:56 | 000,064,847 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Desktop\DRIFT ENERGIE für Privatkunden.pdf
[2010.12.11 15:20:39 | 000,000,385 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
[2010.12.06 22:52:19 | 001,218,160 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.12.06 22:35:46 | 000,193,664 | ---- | C] () -- G:\samsungkontakte.SPB
[2010.12.06 22:29:35 | 000,110,592 | ---- | C] () -- C:\WINXP\System32\FsUsbExDevice.Dll
[2010.12.06 22:29:35 | 000,036,640 | ---- | C] () -- C:\WINXP\System32\FsUsbExDisk.Sys
[2010.10.25 10:09:56 | 000,974,848 | ---- | C] () -- C:\WINXP\System32\cis-2.4.dll
[2010.10.25 10:09:56 | 000,081,920 | ---- | C] () -- C:\WINXP\System32\issacapi_bs-2.3.dll
[2010.10.25 10:09:56 | 000,065,536 | ---- | C] () -- C:\WINXP\System32\issacapi_pe-2.3.dll
[2010.10.25 10:09:56 | 000,057,344 | ---- | C] () -- C:\WINXP\System32\issacapi_se-2.3.dll
[2010.10.24 18:23:52 | 000,002,074 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\SAS7_000.DAT
[2010.08.31 16:58:23 | 000,116,224 | ---- | C] () -- C:\WINXP\System32\pdfcmnnt.dll
[2010.05.31 18:52:31 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\$_hpcst$.hpc
[2010.05.20 20:31:25 | 000,000,157 | ---- | C] () -- C:\WINXP\dnd_esox4.ini
[2010.05.13 21:48:37 | 000,000,173 | ---- | C] () -- C:\WINXP\System32\MRT.INI
[2010.02.21 10:41:13 | 000,073,728 | ---- | C] () -- C:\WINXP\System32\RtNicProp32.dll
[2010.01.25 16:20:57 | 000,000,828 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\promtAcroTrans.log
[2009.12.02 17:42:06 | 000,000,196 | ---- | C] () -- C:\WINXP\System32\ftdiun2k.ini
[2009.11.16 16:41:03 | 000,000,034 | ---- | C] () -- C:\WINXP\System32\oeminfo.ini
[2009.11.07 13:41:25 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.11.07 13:10:02 | 000,069,632 | ---- | C] () -- C:\WINXP\System32\drivers\int15.sys
[2009.11.07 13:10:02 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\int15_64.sys
[2009.11.07 13:09:03 | 000,331,776 | ---- | C] () -- C:\WINXP\System32\ScrollBarLib.dll
[2009.08.31 19:13:42 | 000,000,098 | ---- | C] () -- C:\WINXP\ETKINST.INI
[2009.08.26 16:09:33 | 000,000,090 | ---- | C] () -- C:\WINXP\AlphaCrypt.ini
[2009.06.25 21:01:16 | 000,006,836 | ---- | C] () -- C:\WINXP\System32\UNWISE.INI
[2009.06.25 20:41:35 | 000,000,056 | ---- | C] () -- C:\WINXP\Acroread.ini
[2009.01.18 17:14:15 | 000,000,048 | ---- | C] () -- C:\WINXP\wpd99.drv
[2009.01.18 17:12:03 | 000,114,738 | ---- | C] () -- C:\WINXP\System32\pdfmona.dll
[2009.01.18 17:12:03 | 000,046,648 | ---- | C] () -- C:\WINXP\System32\pdfmon.dll
[2009.01.17 11:20:06 | 000,000,425 | ---- | C] () -- C:\WINXP\BRWMARK.INI
[2009.01.17 11:20:06 | 000,000,027 | ---- | C] () -- C:\WINXP\BRPP2KA.INI
[2009.01.17 11:19:51 | 000,000,882 | ---- | C] () -- C:\WINXP\Brpfx04a.ini
[2009.01.17 11:19:51 | 000,000,128 | ---- | C] () -- C:\WINXP\brpcfx.ini
[2009.01.17 11:19:14 | 000,106,496 | ---- | C] () -- C:\WINXP\System32\BrMuSNMP.dll
[2009.01.14 19:18:00 | 000,000,010 | ---- | C] () -- C:\WINXP\WININIT.INI
[2008.12.27 19:17:47 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\default.pls
[2008.12.23 14:16:59 | 000,000,069 | ---- | C] () -- C:\WINXP\NeroDigital.ini
[2008.12.23 00:15:09 | 000,000,000 | ---- | C] () -- C:\WINXP\Irremote.ini
[2008.12.19 21:03:50 | 000,015,190 | ---- | C] () -- C:\WINXP\M2000Twn.ini
[2008.12.19 20:43:31 | 000,356,352 | ---- | C] () -- C:\WINXP\EMCRI.dll
[2008.12.19 19:10:16 | 000,000,008 | RHS- | C] () -- C:\WINXP\System32\Desktop_.ini
[2008.12.19 18:28:21 | 000,001,324 | ---- | C] () -- C:\WINXP\ODBC.INI
[2008.12.19 18:21:40 | 000,908,352 | ---- | C] () -- C:\WINXP\System32\drivers\HCF_MSFT.sys
[2008.12.19 17:46:59 | 000,060,416 | ---- | C] () -- C:\Dokumente und Einstellungen\WoWa\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.19 16:35:05 | 000,004,073 | ---- | C] () -- C:\WINXP\ODBCINST.INI
[2007.03.12 21:31:28 | 001,732,608 | ---- | C] () -- C:\WINXP\System32\BCGPStyle2007Luna.dll
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINXP\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINXP\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINXP\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINXP\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINXP\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINXP\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINXP\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINXP\System32\ogg.dll
[2005.10.14 10:56:48 | 000,077,824 | ---- | C] () -- C:\WINXP\System32\MMSwitch.dll
[2005.09.19 15:50:42 | 000,090,112 | ---- | C] () -- C:\WINXP\System32\btprn2k.dll
[2005.04.08 03:16:43 | 000,147,175 | -H-- | C] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\cglogs.dat
[2003.12.31 15:25:23 | 000,061,952 | ---- | C] () -- C:\WINXP\System32\ajnetmask.dll
[2003.12.25 22:21:16 | 000,087,040 | ---- | C] () -- C:\WINXP\System32\TrayIcon12.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINXP\System32\OUTLPERF.INI
[2002.02.01 15:00:00 | 000,620,544 | ---- | C] () -- C:\WINXP\System32\stlpmt45.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINXP\System32\lcppn21.dll
========== LOP Check ==========
[2010.04.13 19:43:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2010.06.02 21:05:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2011.02.16 19:45:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2010.12.03 18:07:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2010.12.03 18:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2010.12.03 18:14:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.10.24 17:48:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nuance
[2009.09.01 14:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2008.12.24 22:11:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.01.24 20:11:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PRMT
[2009.06.18 18:12:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
[2010.10.30 11:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Readon
[2011.01.24 20:15:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rosetta Stone
[2010.12.06 22:26:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2010.10.24 17:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2011.02.17 22:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2009.09.24 19:09:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2010.10.24 18:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.03.28 07:40:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011.02.16 18:47:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2010.10.20 22:07:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.28 07:39:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009.01.02 23:44:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\SACore
[2010.05.10 19:49:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Babylon
[2010.05.01 17:06:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Command and Conquer 4
[2010.12.28 17:40:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.02.16 19:46:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\f-secure
[2009.04.27 17:43:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\GARMIN
[2009.09.01 15:22:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\GetRightToGo
[2010.12.03 18:40:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nokia
[2010.12.03 18:40:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nokia Ovi Suite
[2010.10.24 17:54:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nuance
[2008.12.24 22:16:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PC Suite
[2009.01.18 14:30:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PC-FAX TX
[2010.08.31 18:00:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\pdfforge
[2010.02.18 21:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\phonostar-Player
[2010.01.26 17:50:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PRMT
[2010.01.24 20:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PROject MT
[2011.02.17 22:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\QuickScan
[2008.12.30 12:51:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\RTPlayer
[2010.12.06 22:24:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Samsung
[2010.08.31 18:00:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Search Settings
[2008.12.23 13:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\T-Online
[2008.12.19 19:44:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\TuneUp Software
[2009.01.18 16:48:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\WordToPDF
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.05.01 16:59:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Adobe
[2010.11.04 19:06:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Apple Computer
[2009.01.14 19:47:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\ATI
[2010.12.29 13:01:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\AVS4YOU
[2010.05.10 19:49:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Babylon
[2009.01.17 11:25:55 | 000,000,000 | RHSD | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Brother
[2010.05.01 17:06:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Command and Conquer 4
[2010.05.06 18:26:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\DivX
[2009.08.20 07:59:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\dvdcss
[2010.12.28 17:40:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.02.16 19:46:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\f-secure
[2009.04.27 17:43:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\GARMIN
[2009.09.01 15:22:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\GetRightToGo
[2011.01.07 18:36:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Help
[2008.12.19 16:52:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Identities
[2008.12.19 19:09:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\InstallShield
[2008.12.20 13:58:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Macromedia
[2011.02.19 16:02:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Malwarebytes
[2010.05.10 19:24:48 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft
[2009.12.31 18:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Move Networks
[2008.12.19 19:18:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla
[2008.12.22 23:53:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nero
[2010.12.03 18:40:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nokia
[2010.12.03 18:40:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nokia Ovi Suite
[2010.10.24 17:54:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Nuance
[2008.12.24 22:16:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PC Suite
[2009.01.18 14:30:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PC-FAX TX
[2010.08.31 18:00:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\pdfforge
[2010.02.18 21:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\phonostar-Player
[2010.01.26 17:50:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PRMT
[2010.01.24 20:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\PROject MT
[2011.02.17 22:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\QuickScan
[2009.12.22 16:18:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Real
[2008.12.30 12:51:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\RTPlayer
[2010.12.06 22:24:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Samsung
[2010.08.31 18:00:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Search Settings
[2008.12.24 10:26:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Sun
[2008.12.23 13:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\T-Online
[2008.12.19 19:44:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\TuneUp Software
[2011.02.05 23:00:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\vlc
[2011.02.12 14:16:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\winamp
[2010.03.14 12:16:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\WinRAR
[2009.01.18 16:48:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\WordToPDF
< %APPDATA%\*.exe /s >
[2010.05.01 16:59:30 | 000,038,784 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.10.30 11:38:35 | 000,005,430 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_44F622AA395D57B9743A14.exe
[2010.10.30 11:38:35 | 000,005,430 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{1584854C-1513-40EA-96D4-493384D0A3C7}\_BBC8D813A8F14BA749114F.exe
[2011.02.17 22:37:05 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2010.08.22 09:30:09 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{630CC87A-57A3-45DC-A5A4-08CE98E0BCB7}\ARPPRODUCTICON.exe
[2010.08.22 09:30:09 | 000,009,158 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{630CC87A-57A3-45DC-A5A4-08CE98E0BCB7}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
[2010.01.14 15:36:06 | 000,007,168 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{7C2A05B5-A80C-4F33-A388-51D46790AC9F}\Icon8E11F6A5.exe
[2010.01.14 15:36:06 | 000,005,120 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{7C2A05B5-A80C-4F33-A388-51D46790AC9F}\Icon8E11F6A53.exe
[2010.01.12 21:41:44 | 000,005,632 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{9EC14056-1A97-11D8-A8F3-0050DA519711}\IconEB7F0E66.exe
[2010.01.12 21:41:44 | 000,005,120 | R--- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{9EC14056-1A97-11D8-A8F3-0050DA519711}\IconEB7F0E663.exe
[2009.12.26 20:01:01 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Microsoft\Installer\{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}\ARPPRODUCTICON.exe
[2010.06.14 11:08:50 | 000,425,984 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
[2010.06.14 11:08:50 | 000,545,280 | ---- | M] () -- C:\Dokumente und Einstellungen\WoWa\Anwendungsdaten\Mozilla\Firefox\Profiles\os9itk7n.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINXP\Driver Cache\i386\sp3.cab:atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINXP\system32\drivers\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINXP\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINXP\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINXP\explorer.exe
[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINXP\system32\dllcache\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINXP\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINXP\system32\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINXP\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINXP\system32\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\System32\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINXP\system32\dllcache\user32.dll
[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINXP\system32\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\System32\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINXP\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINXP\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINXP\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINXP\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINXP\system32\dllcache\ws2ifsl.sys
[2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINXP\system32\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.12.19 17:32:55 | 000,094,208 | ---- | M] () -- C:\WINXP\system32\config\default.sav
[2008.12.19 17:32:55 | 001,093,632 | ---- | M] () -- C:\WINXP\system32\config\software.sav
[2008.12.19 17:32:55 | 000,462,848 | ---- | M] () -- C:\WINXP\system32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINXP\system32\*.tmp files -> C:\WINXP\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F35A93AD
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 19.02.2011 16:45:47 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = D:\rootkitscan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 22,48 Gb Free Space | 46,04% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 1,41 Gb Free Space | 2,89% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 76,01 Gb Free Space | 77,83% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 75,98 Gb Free Space | 77,81% Space Free | Partition Type: NTFS
Drive G: | 172,80 Gb Total Space | 96,92 Gb Free Space | 56,09% Space Free | Partition Type: NTFS
Computer Name: WOWA | User Name: WoWa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\office 2003\instal\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\office 2003\instal\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\vlcplayer\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\vlcplayer\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "D:\ps3zupc\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 3
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\sprachelernen\support\bin\win\RosettaStoneLtdServices.exe" = D:\sprachelernen\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
"D:\sprachelernen\RosettaStoneVersion3.exe" = D:\sprachelernen\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Multidmedia Limited )
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\sprachelernen\support\bin\win\RosettaStoneLtdServices.exe" = D:\sprachelernen\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
"D:\sprachelernen\RosettaStoneVersion3.exe" = D:\sprachelernen\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Multidmedia Limited )
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{1584854C-1513-40EA-96D4-493384D0A3C7}" = Readon TV Movie Radio Player 7.2.0.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{2026DF25-9BDC-4FDD-660A-781F6A0C2BF9}" = Catalyst Control Center Graphics Light
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{293C028C-F54A-4E19-EF7B-116263B7E367}" = ATI Catalyst Install Manager
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31B5B620-CA8A-4F99-A64E-7DDB3D1BBB69}_is1" = appleJuice Client
"{3248F0A8-6813-11D6-A77B-00B0D0150140}" = J2SE Runtime Environment 5.0 Update 14
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDA760-4905-19AA-54A0-C118ABB5BF0C}" = ccc-core-static
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A7A59B3-D737-4C47-A17C-81968E7EC3E8}" = BLUE
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Acer OrbiCam
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5445FDF7-52F2-F776-ADBA-6A8C4FC815B3}" = ccc-utility
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{621FCD24-4498-4324-A81E-07D331376EDF}" = PixiePack Codec Pack
"{630CC87A-57A3-45DC-A5A4-08CE98E0BCB7}" = Branding
"{644281D2-98EF-46EE-80F7-03BE83819093}_is1" = NoPopUp 2003
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{75210E32-C431-4648-8C33-341FE1FC60FD}" = Atheros Client Installation Program
"{7C2A05B5-A80C-4F33-A388-51D46790AC9F}" = VAG-COM 311 Deutsch
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80B0A5B4-4DA4-D1D2-F339-9402B39B8709}" = Catalyst Control Center Graphics Full New
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F1344F-55C5-45B8-A8F7-C0F22F938254}" = PROMT for Mozilla Firefox 3
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8
"{9BCBE007-6C18-C4E5-9F5C-4DCD23D1D844}" = Catalyst Control Center Core Implementation
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E2C5091-D8C8-437C-BE64-31B059B55BD3}" = Landi Renzo Omegas Sviluppo
"{9EC14056-1A97-11D8-A8F3-0050DA519711}" = VAG-COM 303 Deutsch
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{AA951B10-7089-4D60-B288-516E641F48E6}" = McAfee Agent
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1B65F06-A5EF-9D4B-67C9-5AC907DE616A}" = Catalyst Control Center Graphics Full Existing
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EFF9D22F-2549-4A83-A7F1-BF6776A499AD}" = @promt Expert 8 English Giant
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC IrCC V5.1.3600.7
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F70D5D8C-C1AF-40B3-9E47-3BB5F19EEA3A}" = Atheros for Acer Driver 5.3.0.67_Foxconn Installation Program
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem (06/09/2010 4.5)
"7-Zip" = 7-Zip 4.57
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.5 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_825" = Adobe Acrobat 8.2.5 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Babylon" = Babylon
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2BFA&SUBSYS_1025009F" = Soft Data Fax Modem with SmartCP
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.7)
"Free YouTube Download_is1" = Free YouTube Download version 2.10.29
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreeUndelete" = FreeUndelete
"FTDICOMM" = FTDI USB Serial Converter Drivers
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"JDownloader" = JDownloader
"LHTTSFRF" = L&H TTS3000 Français
"LHTTSGED" = L&H TTS3000 Deutsch
"LHTTSITI" = L&H TTS3000 Italiano
"LHTTSPTB" = L&H TTS3000 Português (Brasil)
"LHTTSRUR" = L&H TTS3000 Russian
"LHTTSSPE" = L&H TTS3000 Español
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Vollversion)
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MyFreeCodec" = MyFreeCodec
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"RealPlayer 6.0" = RealPlayer
"Security Task Manager" = Security Task Manager 1.8c
"SetEditHD100" = SetEditHD100 (remove only)
"SopCast" = SopCast 3.2.9
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities" = TuneUp Utilities
"TVAnts 1.0" = TVAnts 1.0
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.2
"TVUPlayer" = TVUPlayer 2.4.9.1
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.96-6
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Zattoo" = Zattoo 3.3.4 Beta
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1644491937-220523388-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.02.2011 15:19:33 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 16.02.2011 15:19:33 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10487c22.
Error - 16.02.2011 15:21:32 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 17.02.2011 16:16:36 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 17.02.2011 16:16:36 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 17.02.2011 16:16:36 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10487c22.
Error - 17.02.2011 16:18:31 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 17.02.2011 17:44:35 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 19.02.2011 10:26:42 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
Error - 19.02.2011 10:26:42 | Computer Name = WOWA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3951, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x10417c22.
[ System Events ]
Error - 19.02.2011 10:25:57 | Computer Name = WOWA | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\D.
Error - 19.02.2011 10:25:57 | Computer Name = WOWA | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\D.
Error - 19.02.2011 10:25:57 | Computer Name = WOWA | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\D.
Error - 19.02.2011 10:25:57 | Computer Name = WOWA | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\D.
Error - 19.02.2011 10:25:57 | Computer Name = WOWA | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
Error - 19.02.2011 10:25:57 | Computer Name = WOWA | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
Error - 19.02.2011 10:27:05 | Computer Name = WOWA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Ati HotKey Poller" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 19.02.2011 10:27:05 | Computer Name = WOWA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Hardlock" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 19.02.2011 10:27:05 | Computer Name = WOWA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Guardant Emulator Driver" ist vom Dienst "Hardlock" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%2
Error - 19.02.2011 10:27:05 | Computer Name = WOWA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Firewall/Internet Connection Sharing (ICS)" wurde
mit folgendem Fehler beendet: %%2
< End of report >
--- --- ---
Hoffe Ihr wisst was da steht ich verstehe da nur Bahnhof. |
